Re: Has rfc2487 been obsoleted and mandatory TLS in smtpd is now kosher?

[Erwan David]

Le 29/07/2021 à 18:46, Dominic Raferd a écrit :
> Some commercial vulnerability scan services (e.g. by Qualys,
> SecurityMetrics) which are required by payment providers regard
> TLSv1/TLSv1.1 as absolute fails for PCI DSS compliance and
> organisations that must meet PCI DSS
> (https://www.pcisecuritystandards.org/) have no choice but to respect
> this. The same services do not treat port 25 open for plain text as a
> fail.
>
Putting your email in the PCI-DSS protected domain is also a rather bold
move...